440 research outputs found
Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries
We propose an efficient framework for enabling secure multi-party numerical
computations in a Peer-to-Peer network. This problem arises in a range of
applications such as collaborative filtering, distributed computation of trust
and reputation, monitoring and other tasks, where the computing nodes are
expected to preserve the privacy of their inputs while performing a joint
computation of a certain function. Although there is a rich literature in the
field of distributed systems security concerning secure multi-party
computation, in practice it is hard to deploy those methods in very large scale
Peer-to-Peer networks. In this work, we try to bridge the gap between
theoretical algorithms in the security domain, and a practical Peer-to-Peer
deployment.
We consider two security models. The first is the semi-honest model where
peers correctly follow the protocol, but try to reveal private information. We
provide three possible schemes for secure multi-party numerical computation for
this model and identify a single light-weight scheme which outperforms the
others. Using extensive simulation results over real Internet topologies, we
demonstrate that our scheme is scalable to very large networks, with up to
millions of nodes. The second model we consider is the malicious peers model,
where peers can behave arbitrarily, deliberately trying to affect the results
of the computation as well as compromising the privacy of other peers. For this
model we provide a fourth scheme to defend the execution of the computation
against the malicious peers. The proposed scheme has a higher complexity
relative to the semi-honest model. Overall, we provide the Peer-to-Peer network
designer a set of tools to choose from, based on the desired level of security.
Comment: Submitted to Peer-to-Peer Networking and Applications Journal (PPNA)
A Privacy-Preserving Protocol for the Kidney Exchange Problem
Kidney donations from living donors form an attractive alternative to long
waiting times on a list for a post-mortem donation. However, even if a living
donor for a given patient is found, the donor's kidney might not meet the
patient's medical requirements. If several patients are in this position, they
may be able to exchange donors in a cyclic fashion. Current algorithmic
approaches for determining such exchange cycles neglect the privacy
requirements of donors and patients as they require their medical data to be
centrally collected and evaluated. In this paper, we present the first
distributed privacy-preserving protocol for kidney exchange that ensures the
correct computing of the exchange cycles while at the same time protecting the
privacy of the patients' sensitive medical data. We prove correctness and
security of the new protocol and evaluate its practical performance.
GraphSE: An Encrypted Graph Database for Privacy-Preserving Social Search
In this paper, we propose GraphSE, an encrypted graph database for online
social network services to address massive data breaches. GraphSE preserves
the functionality of social search, a key enabler for quality social network
services, where social search queries are conducted on a large-scale social
graph and meanwhile perform set and computational operations on user-generated
contents. To enable efficient privacy-preserving social search, GraphSE
provides an encrypted structural data model to facilitate parallel and
encrypted graph data access. It is also designed to decompose complex social
search queries into atomic operations and realise them via interchangeable
protocols in a fast and scalable manner. We build GraphSE with various
queries supported in the Facebook graph search engine and implement a
full-fledged prototype. Extensive evaluations on Azure Cloud demonstrate that
GraphSE is practical for querying a social graph with a million users.
Comment: This is the full version of our AsiaCCS paper "GraphSE: An
Encrypted Graph Database for Privacy-Preserving Social Search". It includes
the security proof of the proposed scheme. If you want to cite our work,
please cite the conference version of i
Distributed Differentially Private Averaging with Improved Utility and Robustness to Malicious Parties
Learning from data owned by several parties, as in federated learning, raises
challenges regarding the privacy guarantees provided to participants and the
correctness of the computation in the presence of malicious parties. We tackle
these challenges in the context of distributed averaging, an essential building
block of distributed and federated learning. Our first contribution is a novel
distributed differentially private protocol which naturally scales with the
number of parties. The key idea underlying our protocol is to exchange
correlated Gaussian noise along the edges of a network graph, complemented by
independent noise added by each party. We analyze the differential privacy
guarantees of our protocol and the impact of the graph topology, showing that
we can match the accuracy of the trusted curator model even when each party
communicates with only a logarithmic number of other parties chosen at random.
This is in contrast with protocols in the local model of privacy (with lower
accuracy) or based on secure aggregation (where all pairs of users need to
exchange messages). Our second contribution is to enable users to prove the
correctness of their computations without compromising the efficiency and
privacy guarantees of the protocol. Our construction relies on standard
cryptographic primitives like commitment schemes and zero knowledge proofs.
Comment: 39 page
Crypto'Graph: Leveraging Privacy-Preserving Distributed Link Prediction for Robust Graph Learning
Graphs are a widely used data structure for collecting and analyzing
relational data. However, when the graph structure is distributed across
several parties, its analysis is particularly challenging. In particular, due
to the sensitivity of the data each party might want to keep their partial
knowledge of the graph private, while still willing to collaborate with the
other parties for tasks of mutual benefit, such as data curation or the removal
of poisoned data. To address this challenge, we propose Crypto'Graph, an
efficient protocol for privacy-preserving link prediction on distributed
graphs. More precisely, it allows parties partially sharing a graph with
distributed links to infer the likelihood of formation of new links in the
future. Through the use of cryptographic primitives, Crypto'Graph is able to
compute the likelihood of these new links on the joint network without
revealing the structure of the private individual graph of each party, even
though they know the number of nodes they have, since they share the same graph
but not the same links. Crypto'Graph improves on previous works by enabling the
computation of a certain number of similarity metrics without any additional
cost. The use of Crypto'Graph is illustrated for defense against graph
poisoning attacks, in which it is possible to identify potential adversarial
links without compromising the privacy of the graphs of individual parties. The
effectiveness of Crypto'Graph in mitigating graph poisoning attacks and
achieving high prediction accuracy on a graph neural network node
classification task is demonstrated through extensive experimentation on a
real-world dataset.
Communication Complexity and Secure Function Evaluation
We suggest two new methodologies for the design of efficient secure
protocols, that differ with respect to their underlying computational models.
In one methodology we utilize the communication complexity tree (or branching
for f and transform it into a secure protocol. In other words, "any function f
that can be computed using communication complexity c can be computed
securely using communication complexity that is polynomial in c and a security
parameter". The second methodology uses the circuit computing f, enhanced with
look-up tables as its underlying computational model. It is possible to
simulate any RAM machine in this model with polylogarithmic blowup. Hence it is
possible to start with a computation of f on a RAM machine and transform it
into a secure protocol.
We show many applications of these new methodologies resulting in protocols
efficient either in communication or in computation. In particular, we
exemplify a protocol for the "millionaires problem", where two participants
want to compare their values but reveal no other information. Our protocol is
more efficient than previously known ones in either communication or
computation.